These days, attackers use cheap and publicly accessible services to help them bypass Anti-Virus protections and gain a foothold in their victims’ systems.
We give a behind-the-scenes look at a service called CypherIT, which is sold publicly as a legitimate service but is used to wrap malware and hide its malicious content.
This evasion technique can also be turned against the malware writers, because the wrapper itself can help us detect the malware. All you need to do is read the label on the basket. In this case, the basket is CypherIT, a well-known packer.
According to Check Point telemetry, about 13 percent of all the malicious executables sent by email during August – October 2019 used AutoIt crypters such as CypherIT to hide their malicious content.